A new phishing kit dubbed Tycoon 2FA has raised significant concerns in the cybersecurity community. Discovered by the Sekoia Threat Detection & Research (TDR) team in October 2023 and discussed in an advisory published today, the kit is associated with the Adversary-in-The-Middle (AiTM) technique and allegedly utilized by multiple threat actors to orchestrate widespread and
admin
Last year ESET published a blogpost about AceCryptor – one of the most popular and prevalent cryptors-as-a-service (CaaS) operating since 2016. For H1 2023 we published statistics from our telemetry, according to which trends from previous periods continued without drastic changes. However, in H2 2023 we registered a significant change in how AceCryptor is used.
Mar 25, 2024NewsroomSupply Chain Attack / Cryptocurrency Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with
In a bipartisan effort, the US House of Representatives has approved legislation to curtail the sharing of Americans’ sensitive data with foreign entities. The bill, known as the Protecting Americans’ Data from Foreign Adversaries Act (HR 7520), spearheaded by Congresswoman Cathy McMorris Rodgers (R-WA) and Frank Pallone (D-NJ), secured an overwhelming vote of 414-0. This legislative move
Video The second half of 2023 saw massive growth in AceCryptor-packed malware spreading in the wild, including courtesy of multiple spam campaigns where AceCryptor packed the Rescoms RAT 22 Mar 2024 This week, ESET researchers released an analysis showing a surge in the detections of AceCryptor, one of the most popular cryptors-as-a-service (CaaS) used to
Mar 24, 2024NewsroomArtificial Intelligence / Cyber Espionage The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities located
The US government has published new distributed denial-of-service (DDoS) attack guidance for public sector entities to help prevent disruption to critical services. The document is designed to serve as a comprehensive resource to address the specific needs and challenges faced by federal, state and local government agencies in defending against DDoS attacks. The advisory noted
Mar 23, 2024NewsroomCyber Espionage / Cyber Warfare The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia’s Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The findings come from Mandiant, which said
A new variant of the wiper malware AcidRain, known as AcidPour, has been discovered by SentinelOne’s threat intelligence team, SentinelLabs. AcidRain is destructive wiper malware attributed to Russian military intelligence. In May 2022, AcidRain was used in a broad-scale cyber-attack against Viasat’s KA-SAT satellites in Ukraine. The malware rendered KA-SAT modems inoperative in Ukraine and
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. “These campaigns come in the form of
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced on Wednesday the designation of two individuals and two entities for their involvement in aiding the Government of the Russian Federation (GoR) in a foreign malign influence campaign. The campaign notably included attempts to impersonate legitimate media outlets. Under Secretary of the
Mar 21, 2024NewsroomThreat Intelligence / Malware The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG. “The attackers compromised the first system, established persistence and added exclusions to antivirus products running on these endpoints as part of their preliminary
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a stark warning yesterday to leaders of critical infrastructure organizations regarding the imminent threat posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.” In collaboration with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and
Privacy Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data Phil Muncaster 19 Mar 2024 • , 5 min. read In today’s digital economy there’s an app for just about everything. One area that’s booming more than
Mar 20, 2024NewsroomDoS Attack / Network Security A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk. Called Loop DoS attacks, the approach pairs “servers of these protocols in such a way that they communicate with each
Threat researchers have revealed a new cyber-attack using cloaked emails to deceive machine learning (ML) systems, enabling the infiltration of enterprise networks. An advisory published by SlashNext today called the tactic a “Conversation Overflow” attack, a method that circumvents advanced security measures to deliver phishing messages directly into victims’ inboxes. The malicious emails consist of two
Mar 19, 2024The Hacker NewsAPI Security / Vulnerability Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls. What’s more,
A Moldovan national has been sentenced to 42 months in federal prison by US Senior District Judge James Moody Jr. Sandu Boris Diaconu, 31, was given the sentence for his involvement in conspiracy to commit access device and computer fraud, as well as for possession of 15 or more unauthorized access devices. According to a
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it’s likely associated with the North Korean state-sponsored group tracked as Kimsuky. “The malware payloads used in the DEEP#GOSU represent a sophisticated, multi-stage threat designed
Security researchers have noticed a substantial increase in software-as-a-service (SaaS) assets, with an average of 286,000 new assets generated weekly in 2023, an 189% surge from the previous year. The data comes from DoControl’s 2024 State of SaaS Data Security Report, which also suggested one in six employees was found to have shared company data
Video Healthcare organizations remain firmly in attackers’ crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in the US in 2023 15 Mar 2024 More than 20 percent of ransomware attacks that hit critical infrastructure organizations in the United States in 2023 were aimed at the healthcare sector, according to
Mar 15, 2024NewsroomData Privacy / Artificial Intelligence Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According to new research published by Salt Labs, security flaws found directly in ChatGPT and within the ecosystem could
Protected health information and personal details of over a million Irish citizens were accidently exposed by the Ireland’s Health Service Executive (HSE) during the COVID pandemic, according to an AppOmni security researcher. This information included individuals’ vaccine status and type received, which could have been accessed by anyone who registered to the HSE COVID Vaccination
How To Here are a few tips for secure file transfers and what else to consider when sharing sensitive documents so that your data remains safe Phil Muncaster 13 Mar 2024 • , 4 min. read Our lives are increasingly lived in the digital world. And while this comes with a host of benefits, it
Mar 16, 2024NewsroomMalware / Cybercrime Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned
Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable to threat actors. Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world’s most widely used software vulnerability database. Tom Pace, CEO of firmware
Video We break down the fundamentals of threat intelligence and its role in anticipating and countering emerging threats Alžbeta Kovaľová 14 Mar 2024 The threat landscape is becoming ever more complex and perilous by the day. Adversaries, ranging from state-aligned advanced persistent threats (APTs) to opportunistic cybercriminals, are well-funded, adaptable and relentless, targeting various chinks
Mar 15, 2024NewsroomHardware Security / Data Protection A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions. “All the common synchronization
The US House of Representatives has approved a bill on Wednesday, compelling ByteDance, the parent company of TikTok, to divest the social media platform or face a complete ban in the United States. The vote witnessed a landslide victory, with 352 members of Congress supporting the bill while only 65 opposed it. The bill, expedited
Critical Infrastructure What cyberthreats could wreak havoc on elections this year and how worried should we as voters be about the integrity of our voting systems? Phil Muncaster 12 Mar 2024 • , 4 min. read This year, billions of people will go to the polls to decide their next political leaders. From India to
- « Previous Page
- 1
- …
- 21
- 22
- 23
- 24
- 25
- …
- 118
- Next Page »